O'Reilly logo

Network Security Hacks by Andrew Lockhart

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

PPTP Tunneling

Set up quick and easy VPN access using the Point-to-Point Tunneling Protocol.

The Point-to-Point Tunneling Protocol (PPTP) is basically a means to set up PPP tunnels [Hack #81] automatically without needing to manually start a PPP daemon on the remote machine. The main benefit of using PPTP is that both Windows and Mac OS X natively support the creation of VPN connections, and both provide easy-to-use GUIs for setting up the connections on the client side. Thus, you can provide a VPN solution without much effort on your users’ part.

To set up the server end, you can use PoPToP (http://www.poptop.org), an open source PPTP server. You can get a very simple PPTP VPN going with minimal effort—just download the source distribution and unpack it, then go into the directory it created.

After you’ve done that, you can run this command to compile it:

$ ./configure && make

Then become root and run this command to install PoPToP:

# make install

The PPTP daemon that this installs is called pptpd. Now you’ll need to create a configuration file for pptpd (i.e., /etc/pptpd.conf) and a pppd options file to use with it.

Here’s a suitable /etc/pptpd.conf to start out with:

option /etc/ppp/options.pptpd
localip 10.0.0.1
remoteip 10.0.0.2-100

This defines the IP address of the local end of the PPTP connection as 10.0.0.1 and creates a pool of addresses to be dynamically allocated to clients (i.e., 10.0.0.2-100). When you create your pptpd.conf file, you should use addresses from the range ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required